typedef struct _KTHREAD                          // 97 elements, 0x1B8 bytes (sizeof)
          {
/*0x000*/     struct _DISPATCHER_HEADER Header;            // 10 elements, 0x10 bytes (sizeof)
/*0x010*/     struct _LIST_ENTRY MutantListHead;           // 2 elements, 0x8 bytes (sizeof)
/*0x018*/     VOID*        InitialStack;
/*0x01C*/     VOID*        StackLimit;
/*0x020*/     VOID*        KernelStack;
/*0x024*/     ULONG32      ThreadLock;
              union                                        // 2 elements, 0x18 bytes (sizeof)
              {
/*0x028*/         struct _KAPC_STATE ApcState;             // 5 elements, 0x18 bytes (sizeof)
                  struct                                   // 2 elements, 0x18 bytes (sizeof)
                  {
/*0x028*/             UINT8        ApcStateFill[23];
/*0x03F*/             UINT8        ApcQueueable;
                  };
              };
/*0x040*/     UINT8        NextProcessor;
/*0x041*/     UINT8        DeferredProcessor;
/*0x042*/     UINT8        AdjustReason;
/*0x043*/     CHAR         AdjustIncrement;
/*0x044*/     ULONG32      ApcQueueLock;
/*0x048*/     ULONG32      ContextSwitches;
/*0x04C*/     UINT8        State;
/*0x04D*/     UINT8        NpxState;
/*0x04E*/     UINT8        WaitIrql;
/*0x04F*/     CHAR         WaitMode;
/*0x050*/     LONG32       WaitStatus;
              union                                        // 2 elements, 0x4 bytes (sizeof)
              {
/*0x054*/         struct _KWAIT_BLOCK* WaitBlockList;
/*0x054*/         struct _KGATE* GateObject;
              };
/*0x058*/     UINT8        Alertable;
/*0x059*/     UINT8        WaitNext;
/*0x05A*/     UINT8        WaitReason;
/*0x05B*/     CHAR         Priority;
/*0x05C*/     UINT8        EnableStackSwap;
/*0x05D*/     UINT8        SwapBusy;
/*0x05E*/     UINT8        Alerted[2];
              union                                        // 2 elements, 0x8 bytes (sizeof)
              {
/*0x060*/         struct _LIST_ENTRY WaitListEntry;        // 2 elements, 0x8 bytes (sizeof)
/*0x060*/         struct _SINGLE_LIST_ENTRY SwapListEntry; // 1 elements, 0x4 bytes (sizeof)
              };
/*0x068*/     struct _KQUEUE* Queue;
/*0x06C*/     ULONG32      WaitTime;
              union                                        // 2 elements, 0x4 bytes (sizeof)
              {
                  struct                                   // 2 elements, 0x4 bytes (sizeof)
                  {
/*0x070*/             INT16        KernelApcDisable;
/*0x072*/             INT16        SpecialApcDisable;
                  };
/*0x070*/         ULONG32      CombinedApcDisable;
              };
/*0x074*/     VOID*        Teb;
              union                                        // 2 elements, 0x28 bytes (sizeof)
              {
/*0x078*/         struct _KTIMER Timer;                    // 5 elements, 0x28 bytes (sizeof)
/*0x078*/         UINT8        TimerFill[40];
              };
              union                                        // 2 elements, 0x8 bytes (sizeof)
              {
                  struct                                   // 4 elements, 0x4 bytes (sizeof)
                  {
/*0x0A0*/             ULONG32      AutoAlignment : 1;      // 0 BitPosition
/*0x0A0*/             ULONG32      DisableBoost : 1;       // 1 BitPosition
/*0x0A0*/             ULONG32      GuiThread : 1;          // 2 BitPosition
/*0x0A0*/             ULONG32      ReservedFlags : 29;     // 3 BitPosition
                  };
/*0x0A0*/         LONG32       ThreadFlags;
              };
              union                                        // 5 elements, 0x60 bytes (sizeof)
              {
/*0x0A8*/         struct _KWAIT_BLOCK WaitBlock[4];
                  struct                                   // 2 elements, 0x60 bytes (sizeof)
                  {
/*0x0A8*/             UINT8        WaitBlockFill0[23];
/*0x0BF*/             UINT8        SystemAffinityActive;
/*0x0C0*/             UINT8        _PADDING0_[0x48];
                  };
                  struct                                   // 2 elements, 0x60 bytes (sizeof)
                  {
/*0x0A8*/             UINT8        WaitBlockFill1[47];
/*0x0D7*/             CHAR         PreviousMode;
/*0x0D8*/             UINT8        _PADDING1_[0x30];
                  };
                  struct                                   // 2 elements, 0x60 bytes (sizeof)
                  {
/*0x0A8*/             UINT8        WaitBlockFill2[71];
/*0x0EF*/             UINT8        ResourceIndex;
/*0x0F0*/             UINT8        _PADDING2_[0x18];
                  };
                  struct                                   // 2 elements, 0x60 bytes (sizeof)
                  {
/*0x0A8*/             UINT8        WaitBlockFill3[95];
/*0x107*/             UINT8        LargeStack;
                  };
              };
/*0x108*/     struct _LIST_ENTRY QueueListEntry;           // 2 elements, 0x8 bytes (sizeof)
/*0x110*/     struct _KTRAP_FRAME* TrapFrame;
/*0x114*/     VOID*        CallbackStack;
/*0x118*/     VOID*        ServiceTable;
/*0x11C*/     UINT8        ApcStateIndex;
/*0x11D*/     UINT8        IdealProcessor;
/*0x11E*/     UINT8        Preempted;
/*0x11F*/     UINT8        ProcessReadyQueue;
/*0x120*/     UINT8        KernelStackResident;
/*0x121*/     CHAR         BasePriority;
/*0x122*/     CHAR         PriorityDecrement;
/*0x123*/     CHAR         Saturation;
/*0x124*/     ULONG32      UserAffinity;
/*0x128*/     struct _KPROCESS* Process;
/*0x12C*/     ULONG32      Affinity;
/*0x130*/     struct _KAPC_STATE* ApcStatePointer[2];
              union                                        // 2 elements, 0x18 bytes (sizeof)
              {
/*0x138*/         struct _KAPC_STATE SavedApcState;        // 5 elements, 0x18 bytes (sizeof)
                  struct                                   // 2 elements, 0x18 bytes (sizeof)
                  {
/*0x138*/             UINT8        SavedApcStateFill[23];
/*0x14F*/             CHAR         FreezeCount;
                  };
              };
/*0x150*/     CHAR         SuspendCount;
/*0x151*/     UINT8        UserIdealProcessor;
/*0x152*/     UINT8        CalloutActive;
/*0x153*/     UINT8        Iopl;
/*0x154*/     VOID*        Win32Thread;
/*0x158*/     VOID*        StackBase;
              union                                        // 7 elements, 0x30 bytes (sizeof)
              {
/*0x15C*/         struct _KAPC SuspendApc;                 // 16 elements, 0x30 bytes (sizeof)
                  struct                                   // 2 elements, 0x30 bytes (sizeof)
                  {
/*0x15C*/             UINT8        SuspendApcFill0[1];
/*0x15D*/             CHAR         Quantum;
/*0x15E*/             UINT8        _PADDING3_[0x2E];
                  };
                  struct                                   // 2 elements, 0x30 bytes (sizeof)
                  {
/*0x15C*/             UINT8        SuspendApcFill1[3];
/*0x15F*/             UINT8        QuantumReset;
/*0x160*/             UINT8        _PADDING4_[0x2C];
                  };
                  struct                                   // 2 elements, 0x30 bytes (sizeof)
                  {
/*0x15C*/             UINT8        SuspendApcFill2[4];
/*0x160*/             ULONG32      KernelTime;
/*0x164*/             UINT8        _PADDING5_[0x28];
                  };
                  struct                                   // 2 elements, 0x30 bytes (sizeof)
                  {
/*0x15C*/             UINT8        SuspendApcFill3[36];
/*0x180*/             VOID*        TlsArray;
/*0x184*/             UINT8        _PADDING6_[0x8];
                  };
                  struct                                   // 2 elements, 0x30 bytes (sizeof)
                  {
/*0x15C*/             UINT8        SuspendApcFill4[40];
/*0x184*/             VOID*        LegoData;
/*0x188*/             UINT8        _PADDING7_[0x4];
                  };
                  struct                                   // 2 elements, 0x30 bytes (sizeof)
                  {
/*0x15C*/             UINT8        SuspendApcFill5[47];
/*0x18B*/             UINT8        PowerState;
                  };
              };
/*0x18C*/     ULONG32      UserTime;
              union                                        // 2 elements, 0x14 bytes (sizeof)
              {
/*0x190*/         struct _KSEMAPHORE SuspendSemaphore;     // 2 elements, 0x14 bytes (sizeof)
/*0x190*/         UINT8        SuspendSemaphorefill[20];
              };
/*0x1A4*/     ULONG32      SListFaultCount;
/*0x1A8*/     struct _LIST_ENTRY ThreadListEntry;          // 2 elements, 0x8 bytes (sizeof)
/*0x1B0*/     VOID*        SListFaultAddress;
/*0x1B4*/     UINT8        _PADDING8_[0x4];
          }KTHREAD, *PKTHREAD;
Return to structures/enums list.
Return to O.S. version list.

(c) MoonSols 2010.